Opened 18 years ago
Closed 18 years ago
#1808 closed task (fixed)
linux-2.6.16.25
| Reported by: | Matthew Burgess | Owned by: | |
|---|---|---|---|
| Priority: | high | Milestone: | 6.2 |
| Component: | Book | Version: | SVN |
| Severity: | major | Keywords: | security |
| Cc: |
Description
New version. Release announcement at http://www.ussg.iu.edu/hypermail/linux/kernel/0606.0/1245.html.
Change History (13)
comment:1 by , 18 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 18 years ago
| Summary: | linux-2.6.16.20 → linux-2.6.16.21 |
|---|
comment:3 by , 18 years ago
| Summary: | linux-2.6.16.21 → linux-2.6.16.22 |
|---|
Now 2.6.16.22. Release announcement at http://www.ussg.iu.edu/hypermail/linux/kernel/0606.2/2510.html.
comment:4 by , 18 years ago
| Summary: | linux-2.6.16.22 → linux-2.6.16.23 |
|---|
Now 2.6.16.23. Fixes a remote crash in the SCTP code (CVE-2006-2934) and fixes a KConfig bug. Release announcement at http://www.ussg.iu.edu/hypermail/linux/kernel/0606.3/3026.html.
comment:5 by , 18 years ago
| Summary: | linux-2.6.16.23 → linux-2.6.16.24 |
|---|
Now 2.6.16.24. Fixes a local privilege escalation vulnerability in the prctl() system call. Release announcement at http://www.ussg.iu.edu/hypermail/linux/kernel/0607.0/1725.html.
comment:6 by , 18 years ago
| Owner: | changed from to |
|---|---|
| Status: | assigned → new |
comment:7 by , 18 years ago
| Status: | new → assigned |
|---|
comment:9 by , 18 years ago
| Keywords: | security added |
|---|---|
| Priority: | normal → high |
| Resolution: | fixed |
| Severity: | normal → major |
| Status: | closed → reopened |
| Summary: | linux-2.6.16.24 → linux-2.6.16.25 |
Security update. Example exploit for old version is available at http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047913.html (needs a.out binfmt support in the kernel, but there are other ways to exploit this).
comment:11 by , 18 years ago
What versions of HAL? Where is the report? These types of posts are of little use without details. What action is suggested?
comment:12 by , 18 years ago
The report is referenced (very imprecisely, and it is certainly not on the hal list on fredesktop) at http://lkml.org/lkml/2006/7/14/309, but then Greg KH says that HAL 0.5.7 works for him.
comment:13 by , 18 years ago
| Resolution: | → fixed |
|---|---|
| Status: | reopened → closed |
Updated to linux-2.6.16.26 at revision 7675.
Now 2.6.16.21 with a couple of local DoS fixes and another SCTP fix. Release announcement at http://www.ussg.iu.edu/hypermail/linux/kernel/0606.2/1171.html